Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4143

Browse all 4143 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by UNKNOWN: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Form Maker by 10Web Yi Technology wp-affiliate-platform wp-cart-for-digital-products Autoptimize Simple Download Monitor MapPress Maps for WordPress Salon booking system VikBooking Hotel Booking Engine & PMS WPQA Builder Frontend File Manager Plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery EventPrime Popup box WP MultiTasking wpb-show-core Transposh WordPress Translation
CVE IDTitleCVSSSeverityPublished
CVE-2024-5573 Easy Table of Contents < 2.0.66 - Admin+ Stored XSS — Easy Table of Contents 4.8AIMediumAI2024-06-26
CVE-2024-5199 Spotify Play Button <= 1.0 - Contributor+ Stored XSS — Spotify Play Button 5.4AIMediumAI2024-06-26
CVE-2024-4957 Frontend Checklist <= 2.3.2 - Admin+ Stored XSS — Frontend Checklist 4.8AIMediumAI2024-06-26
CVE-2024-5071 Bookster <= 1.1.0 - Unauthenticated Appointment Status Update — Bookster 5.3AIMediumAI2024-06-26
CVE-2024-4959 Frontend Checklist <= 2.3.2 - Admin+ Stored XSS via Items — Frontend Checklist 4.8AIMediumAI2024-06-26
CVE-2024-4758 Muslim Prayer Time BD <= 2.4 - Settings Reset via CSRF — Muslim Prayer Time BD 4.3AIMediumAI2024-06-26
CVE-2024-3633 WebP & SVG Support <= 1.4.0 - Author+ Stored XSS via SVG — WebP & SVG Support 5.4AIMediumAI2024-06-26
CVE-2024-4759 Mime Types Extended <= 0.11 - Author+ Stored XSS via SVG Upload — Mime Types Extended 5.4AIMediumAI2024-06-25
CVE-2024-4757 Logo Manager For Enamad <= 0.7.0 - Stored XSS via CSRF — Logo Manager For Enamad 6.1AIMediumAI2024-06-25
CVE-2024-4900 SEOPress < 7.8 - Contributor+ Open Redirect — SEOPress 5.4AIMediumAI2024-06-24
CVE-2024-4899 SEOPress < 7.8 - Contributor+ Stored XSS — SEOPress 4.8AIMediumAI2024-06-24
CVE-2024-5448 PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode <= 1.7 - Contributor+ Stored XSS — PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode 5.4 -2024-06-21
CVE-2024-4969 Widget Bundle <= 2.0.0 - Widget Disable/Enable via CSRF — Widget Bundle 4.3 -2024-06-21
CVE-2024-5447 PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode <= 1.7 - Admin+ Stored XSS — PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode 4.8 -2024-06-21
CVE-2024-4970 Widget Bundle <= 2.0.0 - Admin+ Stored XSS — Widget Bundle 4.8 -2024-06-21
CVE-2024-4475 WP Logs Book <= 1.0.1 - Log Clearing via CSRF — WP Logs Book 4.3 -2024-06-21
CVE-2024-4477 WP Logs Book <= 1.0.1 - Unauthenticated Stored XSS — WP Logs Book 6.1 -2024-06-21
CVE-2024-4755 Google CSE <= 1.0.7 - Admin+ Stored XSS — Google CSE 4.8 -2024-06-21
CVE-2024-4616 Widget Bundle <= 2.0.0 - Unauthencated Reflected XSS — Widget Bundle 6.1 -2024-06-21
CVE-2024-4474 WP Logs Book <= 1.0.1 - Disable Logging via CSRF — WP Logs Book 4.3 -2024-06-21
CVE-2024-4384 CSSable Countdown <= 1.5 - Admin+ Stored XSS — CSSable Countdown 4.8 -2024-06-21
CVE-2024-4381 CB (legacy) <= 0.9.4.18 - Admin+ Stored XSS — CB (legacy) 4.8 -2024-06-21
CVE-2024-4382 CB (legacy) <= 0.9.4.18 - Code/Timeframe/Booking Deletion via CSRF — CB (legacy) 4.3 -2024-06-21
CVE-2024-4377 DOP Shortcodes <= 1.2 - Contributor+ Stored XSS via Shortcode — DOP Shortcodes 5.4 -2024-06-21
CVE-2024-5475 Responsive video embed < 0.5.1 - Contributor+ Stored XSS — Responsive video embed 5.4AIMediumAI2024-06-20
CVE-2024-5522 HTML5 Video Player < 2.5.27 - Unauthenticated SQLi — HTML5 Video Player 9.8AICriticalAI2024-06-20
CVE-2024-4565 Advanced Custom Fields < 6.3 - Contributor+ Custom Field Access — Advanced Custom Fields (ACF) 5.3AIMediumAI2024-06-20
CVE-2024-5172 Expert Invoice <= 1.0.2 -Admin+ Stored XSS — Expert Invoice 4.8AIMediumAI2024-06-18
CVE-2024-4094 Simple Share Buttons Adder < 8.5.1 - Admin+ Stored XSS — Simple Share Buttons Adder 4.8AIMediumAI2024-06-18
CVE-2024-3276 FooBox (Free and Premium) < 2.7.28 - Admin+ Stored XSS — Lightbox & Modal Popup WordPress Plugin 4.8AIMediumAI2024-06-18

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.